@rubytech/create-realagent 1.0.773 → 1.0.775

package/payload/platform/plugins/admin/mcp/dist/index.js

@@ -10,6 +10,7 @@ import { appendFileSync, cpSync, existsSync, mkdirSync, readdirSync, readFileSyn
 import { writeKey, validateKey, hasKey, keyFilePath, deleteKey } from "../../../../lib/anthropic-key/dist/index.js";
 import { deviceUrlBlock } from "../../../../lib/device-url/dist/index.js";
 import { substituteBrandPlaceholders } from "../../../../lib/brand-templating/dist/index.js";
+import { resolveEntitlement } from "../../../../lib/entitlement/dist/index.js";
 import { createHash, randomInt, randomUUID } from "node:crypto";
 import { createConnection } from "node:net";
 import { homedir, hostname as osHostname } from "node:os";
@@ -30,7 +31,10 @@ const PLATFORM_PORT = process.env.PLATFORM_PORT;
 if (!PLATFORM_PORT) {
     throw new Error("PLATFORM_PORT environment variable is required — set by getMcpServers() in claude-agent.ts");
 }
-// Brand-aware config — reads configDir and productName from brand.json stamped at install time.
+// Brand-aware config — reads configDir, productName, and commercialMode from
+// brand.json stamped at install time. commercialMode (Task 831) gates the
+// entitlement verifier: false (default) preserves personal-mode installs;
+// true requires a Rubytech-signed entitlement.json or the install runs locked.
 // No fallback: if brand.json is missing or incomplete, the platform wasn't properly installed.
 function resolveBrandConfig() {
     const brandPath = resolve(PLATFORM_ROOT, "config", "brand.json");
@@ -45,7 +49,11 @@ function resolveBrandConfig() {
         if (!brand.productName) {
             throw new Error(`brand.json at ${brandPath} is missing the productName field`);
         }
-        return { configDir: brand.configDir, productName: brand.productName };
+        return {
+            configDir: brand.configDir,
+            productName: brand.productName,
+            commercialMode: brand.commercialMode === true,
+        };
     }
     catch (err) {
         if (err instanceof SyntaxError) {
@@ -57,6 +65,27 @@ function resolveBrandConfig() {
 const BRAND_CONFIG = resolveBrandConfig();
 const CONFIG_DIR = resolve(homedir(), BRAND_CONFIG.configDir);
 const BRAND_NAME = BRAND_CONFIG.productName;
+// Entitlement input shape for the verifier. configDir is rooted under $HOME
+// (where entitlement.json is delivered post-purchase). platformRoot is needed
+// because the verifier runs in two bundle contexts (CJS dist for MCP, ESM tsup
+// bundle for UI) — caller passes the root rather than the verifier guessing.
+const ENTITLEMENT_BRAND = {
+    configDir: CONFIG_DIR,
+    platformRoot: PLATFORM_ROOT,
+    commercialMode: BRAND_CONFIG.commercialMode,
+};
+/** Resolve current effective entitlement. Memoized inside the verifier. */
+async function currentEntitlement() {
+    const config = await readAccountConfig();
+    return resolveEntitlement(ENTITLEMENT_BRAND, {
+        accountId: typeof config.accountId === "string" ? config.accountId : "",
+        customerEmail: typeof config.customerEmail === "string" ? config.customerEmail : undefined,
+        tier: typeof config.tier === "string" ? config.tier : undefined,
+        purchasedPlugins: Array.isArray(config.purchasedPlugins)
+            ? config.purchasedPlugins
+            : undefined,
+    });
+}
 const REMOTE_PASSWORD_FILE = resolve(CONFIG_DIR, ".remote-password");
 // Resolve account directory
 function getAccountDir() {
@@ -542,6 +571,53 @@ server.tool("account-update", "Update a user-configurable setting in account.jso
         };
     }
 });
+// Plugin enable/disable: deterministic write to account.json.enabledPlugins.
+// The pre-tool-use hook denies the agent's direct Edit on account.json (Task 831),
+// so the agent can no longer toggle enablement by hand-editing the file. This
+// tool is the legitimate path: validates the plugin name, refuses core plugins,
+// confirms the plugin directory exists, and atomically updates the array.
+// Entitlement-bearing fields (tier, purchasedPlugins) are NOT writable here.
+server.tool("plugin-toggle-enabled", "Enable or disable a plugin in this account by adding/removing its name from account.json's enabledPlugins array. Validates the plugin exists under platform/plugins/, refuses to disable core plugins (admin, memory, docs, cloudflare, anthropic), and writes atomically. Takes effect on next session start. Does NOT change purchasedPlugins or tier — those derive from the signed entitlement payload.", {
+    pluginName: z.string().describe("Plugin slug (lowercase a-z0-9-)."),
+    action: z.enum(["enable", "disable"]).describe("enable adds to enabledPlugins; disable removes."),
+}, async ({ pluginName, action }) => {
+    const TAG = "[admin:plugin-toggle-enabled]";
+    if (!VALID_PLUGIN_NAME.test(pluginName)) {
+        return { content: [{ type: "text", text: `${TAG} Invalid plugin name "${pluginName}". Must match ${VALID_PLUGIN_NAME}.` }], isError: true };
+    }
+    if (CORE_PLUGINS.includes(pluginName)) {
+        return { content: [{ type: "text", text: `${TAG} "${pluginName}" is a core plugin and cannot be toggled.` }], isError: true };
+    }
+    const pluginDir = resolve(PLUGINS_DIR, pluginName);
+    if (!existsSync(pluginDir) || !existsSync(join(pluginDir, "PLUGIN.md"))) {
+        return { content: [{ type: "text", text: `${TAG} Plugin "${pluginName}" not installed at ${pluginDir} (no PLUGIN.md). Install via premium-deliver or platform release.` }], isError: true };
+    }
+    try {
+        const configPath = join(getAccountDir(), "account.json");
+        const config = await readAccountConfig();
+        const current = Array.isArray(config.enabledPlugins) ? config.enabledPlugins : [];
+        let next;
+        if (action === "enable") {
+            if (current.includes(pluginName)) {
+                return { content: [{ type: "text", text: `${TAG} "${pluginName}" is already enabled.` }] };
+            }
+            next = [...current, pluginName];
+        }
+        else {
+            if (!current.includes(pluginName)) {
+                return { content: [{ type: "text", text: `${TAG} "${pluginName}" is not enabled — nothing to disable.` }] };
+            }
+            next = current.filter((n) => n !== pluginName);
+        }
+        config.enabledPlugins = next;
+        await writeFile(configPath, JSON.stringify(config, null, 2) + "\n", "utf-8");
+        console.error(`${TAG} ${action}d plugin=${pluginName} path=${configPath}`);
+        return { content: [{ type: "text", text: `Plugin "${pluginName}" ${action}d. Takes effect on next session.` }] };
+    }
+    catch (err) {
+        return { content: [{ type: "text", text: `${TAG} Failed: ${err instanceof Error ? err.message : String(err)}` }], isError: true };
+    }
+});
 // ===================================================================
 // Admin user management tools
 // ===================================================================
@@ -560,11 +636,15 @@ server.tool("admin-add", "Add a new admin user to this account. Creates a device
     catch (err) {
         return { content: [{ type: "text", text: `${TAG} ${err instanceof Error ? err.message : String(err)}` }], isError: true };
     }
-    // Enforce per-tier admin limit
+    // Enforce per-tier admin limit. Effective tier comes from the signed
+    // entitlement payload (Task 831) — editing account.json.tier directly
+    // has no effect; the verifier uses the signed value and emits a
+    // [entitlement] tampered: line if disk and signed diverge.
     try {
         const config = await readAccountConfig();
         const currentAdmins = (config.admins ?? []);
-        const tier = typeof config.tier === "string" ? config.tier : "";
+        const entitlement = await currentEntitlement();
+        const tier = entitlement.tier;
         const maxAdmins = MAX_ADMINS_BY_TIER[tier] ?? MAX_ADMINS_DEFAULT;
         if (currentAdmins.length >= maxAdmins) {
             return { content: [{ type: "text", text: `${TAG} Admin limit reached (${maxAdmins} for ${tier || "this"} tier). Remove an existing admin before adding a new one.` }], isError: true };
@@ -2179,7 +2259,9 @@ server.tool("premium-list", "List available premium plugins and their delivery s
             };
         }
         const config = await readAccountConfig();
-        const purchased = Array.isArray(config.purchasedPlugins) ? config.purchasedPlugins : [];
+        // Effective purchasedPlugins from signed entitlement (Task 831).
+        const entitlement = await currentEntitlement();
+        const purchased = entitlement.purchasedPlugins;
         const enabled = Array.isArray(config.enabledPlugins) ? config.enabledPlugins : [];
         const entries = readdirSync(STAGING_ROOT, { withFileTypes: true })
             .filter(e => e.isDirectory())
@@ -2284,7 +2366,16 @@ server.tool("premium-deliver", "Deliver a purchased premium plugin. Copies plugi
             isError: true,
         };
     }
-    const purchased = Array.isArray(config.purchasedPlugins) ? config.purchasedPlugins : [];
+    // Effective purchasedPlugins from signed entitlement (Task 831). The
+    // raw account.json value is ignored on commercial installs; verifier
+    // returns the signed list (or [] on anonymous-fallback).
+    const entitlement = await resolveEntitlement(ENTITLEMENT_BRAND, {
+        accountId: typeof config.accountId === "string" ? config.accountId : "",
+        customerEmail: typeof config.customerEmail === "string" ? config.customerEmail : undefined,
+        tier: typeof config.tier === "string" ? config.tier : undefined,
+        purchasedPlugins: Array.isArray(config.purchasedPlugins) ? config.purchasedPlugins : undefined,
+    });
+    const purchased = entitlement.purchasedPlugins;
     // --- Check purchase status ---
     if (!purchased.includes(pluginName)) {
         return {